Methods and apparatus for providing hypervisor level data services for server virtualization

ABSTRACT

A hypervisor virtual server system, including a plurality of virtual servers, a plurality of virtual disks that are read from and written to by the plurality of virtual servers, a physical disk, an I/O backend coupled with the physical disk and in communication with the plurality of virtual disks, which reads from and writes to the physical disk, a tapping driver in communication with the plurality of virtual servers, which intercepts I/O requests made by any one of said plurality of virtual servers to any one of said plurality of virtual disks, and a virtual data services appliance, in communication with the tapping driver, which receives the intercepted I/O write requests from the tapping driver, and which provides data services based thereon.

CROSS REFERENCES TO RELATED APPLICATIONS

This application claims priority benefit of U.S. Provisional Application No. 61/314,589, entitled METHODS AND APPARATUS FOR PROVIDING HYPERVISOR LEVEL DATA SERVICES FOR SERVER VIRTUALIZATION, filed on Mar. 17, 2010 by inventor Ziv Kedem.

FIELD OF THE INVENTION

The present invention relates to virtual server environments and data services.

BACKGROUND OF THE INVENTION

Virtual servers are logical entities that run as software in a server virtualization infrastructure, referred to as a “hypervisor”. Examples of hypervisors are VMWARE® ESX manufactured by VMware, Inc. of Palo Alto, Calif., HyperV manufactured by Microsoft Corporation of Redmond, Wash., XENSERVER® manufactured by Citrix Systems, Inc. of Fort Lauderdale, Fla., Redhat KVM manufactured by Redhat, Inc. of Raleigh, N.C., and Oracle VM manufactured by Oracle Corporation of Redwood Shores, Calif. A hypervisor provides storage device emulation, referred to as “virtual disks”, to virtual servers. A hypervisor implements virtual disks using back-end technologies such as files on a dedicated file system, or raw mapping to physical devices.

As distinct from physical servers that run on hardware, virtual servers run their operating systems within an emulation layer that is provided by a hypervisor. Although virtual servers are software, they perform the same tasks as physical servers, including running server applications such as database applications, customer relationship management applications and MICROSOFT EXCHANGE SERVER®. Most applications that run on physical servers are portable to run on virtual servers. As distinct from virtual desktops that run client side applications and service individual users, virtual servers run applications that service a large number of clients.

As such, virtual servers depend critically on data services for their availability, security, mobility and compliance requirements, the data services including inter alia continuous data protection, disaster recovery, remote replication, data security, mobility, and data retention and archiving policies.

SUMMARY OF THE DESCRIPTION

Aspects of the present invention relate to a dedicated virtual data services appliance (VDSA) within a hypervisor that can provide a variety of data services. Data services provided by a VDSA include inter alia replication, monitoring and quality of service.

In an embodiment of the present invention, a tapping filter driver is installed within the hypervisor kernel. The tapping driver has visibility to I/O requests made by virtual servers running on the hypervisor.

A VDSA runs on each physical hypervisor. The VDSA is a dedicated virtual server that provides data services; however, the VDSA does not necessarily reside in the actual I/O data path. When a data service processes I/O asynchronously, the VDSA receives the data outside the data path.

Whenever a virtual server performs I/O to a virtual disk, the tapping driver identifies the I/O requests to the virtual disk. The tapping driver copies the I/O requests, forwards one copy to the hypervisor's backend, and forwards another copy to the VDSA.

Upon receiving an I/O request, the VDSA performs a set of actions to enable various data services. A first action is data analysis, to analyze the data content of the I/O request and to infer information regarding the virtual server's data state. E.g., the VDSA may infer the operating system level and the status of the virtual server. This information is subsequently used for reporting and policy purposes.

A second action, optionally performed by the VDSA, is to store each I/O write request in a dedicated virtual disk for journaling. Since all I/O write requests are journaled on this virtual disk, the virtual disk enables recovery data services for the virtual server, such as restoring the virtual server to an historical image.
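By way of illustration only, restoring a virtual disk to an historical image from such a journal may be sketched as a replay of journaled writes up to a chosen point in time. The entry layout (timestamp, offset, data), the function name `restore_image`, and the assumption that entries are held in write order are all hypothetical and are not taken from the embodiments described herein.

```python
from typing import List, Tuple

# Hypothetical journal entry: (timestamp, byte offset on the virtual disk, data written).
JournalEntry = Tuple[float, int, bytes]


def restore_image(base: bytes, journal: List[JournalEntry], as_of: float) -> bytes:
    """Replay journaled writes onto a base image, stopping after time `as_of`.

    Assumes the journal is already sorted in write order.
    """
    image = bytearray(base)
    for timestamp, offset, data in journal:
        if timestamp > as_of:
            break  # later writes are not part of the requested historical image
        end = offset + len(data)
        if end > len(image):
            # Grow the image with zero bytes if a write extends past its end.
            image.extend(b"\x00" * (end - len(image)))
        image[offset:end] = data
    return bytes(image)


base_image = b"\x00" * 8
journal = [(1.0, 0, b"AB"), (2.0, 1, b"CD"), (3.0, 6, b"EF")]
image_at_t2 = restore_image(base_image, journal, as_of=2.0)
image_at_t3 = restore_image(base_image, journal, as_of=3.0)
```

In this sketch, choosing a different value of `as_of` yields a different historical image from the same journal, without modifying the journal itself.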

A third action, optionally performed by the VDSA, is to send I/O write requests to different VDSAs, residing on hypervisors located at different locations, thus enabling disaster recovery data services.

There is thus provided in accordance with an embodiment of the present invention a hypervisor virtual server system, including a plurality of virtual servers, a plurality of virtual disks that are read from and written to by the plurality of virtual servers, a physical disk, an I/O backend coupled with the physical disk and in communication with the plurality of virtual disks, which reads from and writes to the physical disk, a tapping driver in communication with the plurality of virtual servers, which intercepts I/O requests made by any one of said plurality of virtual servers to any one of said plurality of virtual disks, and a virtual data services appliance, in communication with the tapping driver, which receives the intercepted I/O write requests from the tapping driver, and which provides data services based thereon.

There is additionally provided in accordance with an embodiment of the present invention a method for providing data services within a hypervisor virtual server system, including intercepting I/O requests from any one of a plurality of virtual servers to one of a plurality of virtual disks, and sending intercepted I/O write requests to a virtual data services appliance that provides hypervisor data services.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will be more fully understood and appreciated from the following detailed description, taken in conjunction with the drawings in which:

FIG. 1 is a simplified block diagram of a hypervisor architecture that includes a tapping driver and a virtual data services appliance, in accordance with an embodiment of the present invention; and

FIG. 2 is a simplified data flow chart for a virtual data services appliance, in accordance with an embodiment of the present invention.

DETAILED DESCRIPTION

Aspects of the present invention relate to a dedicated virtual data services appliance (VDSA) within a hypervisor, which is used to provide a variety of hypervisor data services. Data services provided by a VDSA include inter alia replication, monitoring and quality of service.

Reference is made to FIG. 1, which is a simplified block diagram of a hypervisor architecture that includes a tapping driver and a VDSA, in accordance with an embodiment of the present invention. Shown in FIG. 1 is a hypervisor 100 with three virtual servers 110, three virtual disks 120, an I/O backend 130 and a physical disk 140. Hypervisor 100 uses a single physical server, but runs multiple virtual servers 110. Virtual disks 120 are a storage emulation layer that provides storage for virtual servers 110. Virtual disks 120 are implemented by hypervisor 100 via I/O backend 130, which connects to physical disk 140.

Hypervisor 100 also includes a tapping driver 150 installed within the hypervisor kernel. As shown in FIG. 1, tapping driver 150 resides in a software layer between virtual servers 110 and virtual disks 120. As such, tapping driver 150 has visibility to, and is able to access, I/O requests made by virtual servers 110 to virtual disks 120.

Hypervisor 100 also includes a VDSA 160. In accordance with an embodiment of the present invention, a VDSA 160 runs on a separate virtual server within each physical hypervisor. VDSA 160 is a dedicated virtual server that provides data services via one or more data services engines 170. However, VDSA 160 does not reside in the actual I/O data path between I/O backend 130 and physical disk 140. Instead, VDSA 160 resides in a virtual I/O data path.

Whenever a virtual server 110 performs I/O on a virtual disk 120, tapping driver 150 identifies the I/O requests that the virtual server makes. Tapping driver 150 copies the I/O requests, forwards one copy via the conventional path to I/O backend 130, and forwards another copy to VDSA 160. In turn, VDSA 160 enables the one or more data services engines 170 to provide data services based on these I/O requests.
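By way of illustration only, the copy-and-forward behavior of tapping driver 150 may be sketched as follows. The `IORequest` record, its field names, and the `TappingDriver` class are hypothetical; the choice to forward only write requests to the VDSA is likewise an assumption of this sketch, and a kernel-level driver would not be written in this form.

```python
from dataclasses import dataclass, replace
from typing import Callable, List


@dataclass(frozen=True)
class IORequest:
    """Hypothetical I/O request record; all field names are assumptions."""
    server_id: str
    disk_id: str
    offset: int
    data: bytes
    is_write: bool


class TappingDriver:
    """Forwards each request along the conventional path and taps a copy."""

    def __init__(self, backend: Callable[[IORequest], None],
                 vdsa: Callable[[IORequest], None]) -> None:
        self._backend = backend
        self._vdsa = vdsa

    def submit(self, request: IORequest) -> None:
        # Conventional path: the I/O backend always receives the request.
        self._backend(request)
        # Tap path: a separate copy goes to the VDSA (writes only, by assumption).
        if request.is_write:
            self._vdsa(replace(request))


backend_log: List[IORequest] = []
vdsa_log: List[IORequest] = []
driver = TappingDriver(backend_log.append, vdsa_log.append)
driver.submit(IORequest("vs1", "vd1", 0, b"abc", True))   # a write request
driver.submit(IORequest("vs1", "vd1", 0, b"", False))     # a read request
```

In this sketch the backend sees both requests, whereas the VDSA sees only the write, so the VDSA never sits between the virtual server and the I/O backend.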

Reference is made to FIG. 2, which is a simplified data flow chart for a VDSA, in accordance with an embodiment of the present invention. Shown in FIG. 2 are an I/O receiver 210, a hash generator 220, a TCP transmitter 230, a data analyzer and reporter 240, a journal manager 250 and a remote VDSA 260. Remote VDSA 260 resides on different physical hardware, at a possibly different location.

As shown in FIG. 2, I/O receiver 210 receives intercepted I/O requests from tapping driver 150. VDSA 160 makes up to three copies of each received I/O request, in order to perform a set of actions which enable the one or more data services engines 170 to provide various services.

A first copy is stored in persistent storage, and used to provide continuous data protection. Specifically, VDSA 160 sends the first copy to journal manager 250, for storage in a dedicated virtual disk 270. Since all I/O requests are journaled on virtual disk 270, journal manager 250 provides recovery data services for virtual servers 110, such as restoring virtual servers 110 to an historical image. In order to conserve disk space, hash generator 220 derives a one-way hash from the I/O requests. Use of a hash ensures that only a single copy of any I/O request data is stored on disk.
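By way of illustration only, the use of a one-way hash to store a single copy of identical request data may be sketched as a content-addressed journal. SHA-256 is an assumed choice of hash, and the `Journal` class and its in-memory dictionaries are hypothetical stand-ins for journal manager 250 and virtual disk 270.

```python
import hashlib
from typing import Dict, List, Tuple


class Journal:
    """Journal that stores each distinct data payload once, keyed by its hash."""

    def __init__(self) -> None:
        # digest -> payload; identical payloads share one stored copy.
        self.blocks: Dict[str, bytes] = {}
        # Ordered journal entries: (disk_id, offset, digest).
        self.entries: List[Tuple[str, int, str]] = []

    def append(self, disk_id: str, offset: int, data: bytes) -> str:
        digest = hashlib.sha256(data).hexdigest()
        self.blocks.setdefault(digest, data)  # store only if not already present
        self.entries.append((disk_id, offset, digest))
        return digest

    def read(self, index: int) -> bytes:
        """Return the payload of the journal entry at position `index`."""
        _, _, digest = self.entries[index]
        return self.blocks[digest]


journal = Journal()
journal.append("vd1", 0, b"same payload")
journal.append("vd2", 4096, b"same payload")
journal.append("vd1", 8192, b"other payload")
```

In this sketch three writes are journaled, but only two payloads are stored, since the first two writes carry identical data.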

An optional second copy is used for disaster recovery. It is sent via TCP transmitter 230 to remote VDSA 260. As such, access to all data is ensured even when the production hardware is not available, thus enabling disaster recovery data services.
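By way of illustration only, transmission of a write request over a stream connection may be sketched with a simple length-prefixed framing. The wire format (an 8-byte offset followed by a 4-byte payload length, in network byte order) and the function names are assumptions of this sketch; the format used between TCP transmitter 230 and remote VDSA 260 is not specified herein.

```python
import socket
import struct

# Hypothetical frame header: disk offset (unsigned 64-bit), payload length (unsigned 32-bit).
HEADER = struct.Struct("!QI")


def send_write(sock: socket.socket, offset: int, data: bytes) -> None:
    """Send one write request as header plus payload."""
    sock.sendall(HEADER.pack(offset, len(data)) + data)


def _recv_exact(sock: socket.socket, count: int) -> bytes:
    """Read exactly `count` bytes, since a stream may deliver partial chunks."""
    buf = bytearray()
    while len(buf) < count:
        chunk = sock.recv(count - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before a full message arrived")
        buf.extend(chunk)
    return bytes(buf)


def recv_write(sock: socket.socket) -> tuple:
    """Receive one write request and return (offset, data)."""
    offset, length = HEADER.unpack(_recv_exact(sock, HEADER.size))
    return offset, _recv_exact(sock, length)


# A connected socket pair stands in for the link between the two VDSAs.
local_end, remote_end = socket.socketpair()
send_write(local_end, 4096, b"hello")
received = recv_write(remote_end)
local_end.close()
remote_end.close()
```

The explicit length prefix allows the receiving side to recover request boundaries from a byte stream, which does not preserve them on its own.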

An optional third copy is sent to data analyzer and reporter 240, which generates a report with information about the content of the data. Data analyzer and reporter 240 analyzes data content of the I/O requests and infers information regarding the data state of virtual servers 110. E.g., data analyzer and reporter 240 may infer the operating system level and the status of a virtual server 110.
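By way of illustration only, one way in which information about a virtual server might be inferred from the content of a write is by recognizing well-known file system signatures. The sketch below checks for the NTFS OEM identifier at byte 3 of the boot sector and for the ext2/3/4 superblock magic number 0xEF53 at byte 1080. It assumes, for simplicity, that offsets are relative to the start of the file system volume; the function name and return values are hypothetical, and this is not asserted to be the analysis performed by data analyzer and reporter 240.

```python
from typing import Optional

NTFS_OEM_OFFSET = 3
NTFS_OEM_ID = b"NTFS    "          # 8-byte OEM identifier in the NTFS boot sector
EXT_MAGIC_OFFSET = 1024 + 56       # superblock starts at 1024; magic field at +56
EXT_MAGIC = b"\x53\xef"            # 0xEF53 stored little-endian


def guess_filesystem(write_offset: int, data: bytes) -> Optional[str]:
    """Return "ntfs" or "ext" if the write covers a known signature, else None."""

    def bytes_at(abs_offset: int, length: int) -> Optional[bytes]:
        # Map an absolute volume offset into this write's payload, if covered.
        start = abs_offset - write_offset
        if start < 0 or start + length > len(data):
            return None
        return data[start:start + length]

    if bytes_at(NTFS_OEM_OFFSET, len(NTFS_OEM_ID)) == NTFS_OEM_ID:
        return "ntfs"
    if bytes_at(EXT_MAGIC_OFFSET, len(EXT_MAGIC)) == EXT_MAGIC:
        return "ext"
    return None


ntfs_boot_sector = b"\xeb\x52\x90" + NTFS_OEM_ID + bytes(501)
ext_region = bytearray(2048)
ext_region[EXT_MAGIC_OFFSET:EXT_MAGIC_OFFSET + 2] = EXT_MAGIC
```

A result of "ntfs" would suggest a Windows guest and "ext" a Linux guest, although a practical analyzer would also need to account for partition tables and other layouts.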

In the foregoing specification, the invention has been described with reference to specific exemplary embodiments thereof. It will, however, be evident that various modifications and changes may be made to the specific exemplary embodiments without departing from the broader spirit and scope of the invention as set forth in the appended claims. Accordingly, the specification and drawings are to be regarded in an illustrative rather than a restrictive sense. 

1-10. (canceled)
 11. A cross-host multi-hypervisor system, comprising: a plurality of host sites executed by at least one processor, each site comprising: at least one hypervisor, each of which comprises: at least one virtual server; at least one virtual disk that is read from and written to by said at least one virtual server; a tapping driver installed within a hypervisor kernel of the at least one hypervisor, wherein the tapping driver resides in a software layer between the at least one virtual server and the at least one virtual disk, and the tapping driver is in communication with said at least one virtual server, wherein the tapping driver intercepts write requests made by any one of said at least one virtual server to any one of said at least one virtual disk; and a virtual data services appliance, in communication with said tapping driver, which receives the intercepted write requests from said tapping driver, and which provides data services based thereon; and a data services manager for coordinating the virtual data services appliances at the site and for communicatively coupling said plurality of host sites via a network, wherein said data services manager coordinates data transfer across said plurality of host sites via said network; wherein said data services manager provides data recovery for the at least one virtual server executing on the at least one hypervisor.
 12. The system of claim 11 wherein at least one of said virtual data services appliances at a first of said plurality of host sites transmits intercepted write requests to at least one of said virtual data services appliances at a second of said plurality of host sites, via said network.
 13. The system of claim 12 wherein the at least one of said virtual data services appliances at the second of said plurality of host sites periodically applies the intercepted write requests to at least one of said virtual disks at the second site.
 14. The system of claim 11 wherein said data services managers pair a group of at least one of said virtual servers at one or more first ones of said plurality of host sites with a corresponding group of at least one of said virtual servers at one or more second ones of said plurality of host sites, as source virtual protection groups and target virtual protection groups.
 15. The system of claim 14 wherein said virtual data services appliance at each hypervisor at the one or more first ones of said plurality of host sites preserves write order fidelity for the write requests intercepted from virtual servers in the source virtual protection group at the hypervisor.
 16. The system of claim 15 wherein said virtual data services appliances at the hypervisors at the one or more first ones of said plurality of host sites transmit, via said network, the write requests intercepted from virtual servers in the source virtual protection group, to said virtual data services appliances in the hypervisors at the one or more second ones of said plurality of host sites that include virtual servers in the target virtual protection group.
 17. The system of claim 16 wherein said virtual data services appliances in the hypervisors at the one or more second ones of said plurality of host sites that include virtual servers in the target virtual protection group periodically apply the intercepted write requests to at least one of said virtual disks in the hypervisors at the one or more second ones of said plurality of host sites.
 18. The system of claim 14 wherein the virtual servers in the source virtual protection group belong to a same hypervisor.
 19. The system of claim 14 wherein the virtual servers in the target virtual protection group belong to a same hypervisor.
 20. The system of claim 14 wherein the source virtual protection group spans a same number of hypervisors as does the target virtual protection group.
 21. The system of claim 14 wherein said data services managers provide data recovery for the virtual servers in the source virtual protection group from the virtual servers in the target virtual protection group. 